I set up two-factor authentication for my Apple ID yesterday. I had tried previously, and it was a disaster. In spite of some confusing instructions from Apple, it seems to have worked so far.
But I was surprised to find that, when I was logging into different devices, it didn’t show the correct location.
I’m not near London; I’m about 100 miles away.
Glenn Fleishman, Macworld:
[…] My wife routinely is told she’s logging in from about 30 miles south, although on the same home network, it’s more accurate for me. If we both had this issue, I’d expect that the IP address of our network was misplaced in whatever geo-identification system Apple relied on to match IPs with a rough place on the globe.
This is particularly troubling because two factor authentication is promoted as being a more secure login option. If a typical user were to set that up and then be shown a map of a login attempt from miles away, they may be concerned, and reasonably so. I get that the map is supposed to help authenticate a login attempt with an additional piece of information, but is that enough of a reason to display it, if it is unreliable? I’m not so sure.